We performed a comparison between Elastic Security and Trellix Active Response based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The console is easy to read. I also like the scanning part and the ability to move assets from one to the other."
"The main thing is that I feel safe. Because the processes that have been used to get a handle on the attackers are much better than other competitors"
"This is stable and scalable."
"I like FortiClient EMS. FortiEDR has a lot of great features like lockdown mode, remote wipes, and encryption. I can set malware outbreak policies and controls for detecting abnormalities. You can also simulate phishing attacks."
"The product's initial setup phase is very easy."
"The product detects and blocks threats and is more proactive than firewalls."
"Fortinet FortiEDR's firewalling, rule creation, monitoring, and inspection profiles are great."
"he solution is an anti-malware product that integrates well with other vendor products such as firewalls, SIEM, etc. It captures threat intelligence and gives you better visibility. The product also has sandboxing features."
"It can handle millions of loads at a time, and you can always use the filters to find exactly what you are looking for and detect errors in every log message you are searching for, basically."
"The scalability is good. It can be scaled easily in the production environment."
"Just the ability to do a lot more than just up-down is nice, which a lot of people take for granted."
"The most valuable feature is the scalability. We are in Indonesia, more engineers understand Elastic Security here. So it is easier to scale and also develop. In features, the discovery to query all the logs is very important to us. It is very easy, especially with the query function and the feature to generate alerts and create tools. Sometimes we use the alert security dashboard to monitor our clients."
"The solution is compatible with the cloud-native environment and they can adapt to it faster."
"The visualization is very good."
"One of the most valuable features of this solution is that it is more flexible than AlienVault."
"The intelligence of the system has been very impressive. It's not quite AI, but the technical bit where it correlates information, based on the seen attacks within an organization is good."
"The solution is scalable."
"It's a little lighter compared to the older version, which was mostly signature-based."
"We are hoping to automate detection and response and take advantage of user behavior analytics, given that we are working from home. About half of our workers are still remote, so Active Response gives us that visibility and lets us automate a number of those events."
"Integration with Azure and SaaS provisioning tools could improve Fortinet FortiEDR."
"I would like the solution to extend beyond endpoint protection and include other attack surfaces such as other network components."
"FortiEDR could add a separate scanning dashboard. In incident management, we prefer to remove the endpoint system from the environment and scan the system. We typically use Symantec for that, but if we want to use FortiEDR for that, then we need a scanning tab to clarify things."
"Cannot be used on mobile devices with a secure connection."
"The solution is not user-friendly."
"We've encountered challenges during API deployment, occasionally resulting in unstable environments."
"We've had a lot of false positives; things incorrectly flagged that require manual configuration to allow. Even worse, after we allow a legitimate program, it sometimes gets flagged again after an update. This has caused a lot of extra work for my team."
"The EDR console should have more extensive reporting. You shouldn't need to purchase FortiAnalyzer. It should be included in the EDR part. The security adviser cloud platform could be improved with more options for exclusive or intensive rules for devices."
"It would be better if Elastic Security had less storage for data. My customers do not like this. Other vendors have local support in different countries, but Elastic Security doesn't. I would like to have Operational Technology (OT) security in the next release."
"Elastic Security's maintenance is hard and its scalability is a challenge. There are complications in scaling and upgrading. The solution needs to also provide periodic upgrade checks."
"Elastic Security has a steep learning curve, so it takes some time to tune it and set it up for your environment. There are some costs associated with logging things that don't have value. So you need to be cautious to only log things that make sense and keep them around for as long as you need. You shouldn't hold onto things just because you think you might need them."
"The setup process is complex. You need a solid working knowledge of networking, operating systems, and a little programming."
"The solution does not have a UI and this is one of the reasons we are looking for another solution."
"If you compare this with CrowdStrike or Carbon Black, they can improve."
"The solution could also use better dashboards. They need to be more graphical, more matrix-like."
"With Elastic Security, the challenge arises from the fact that there is a learning curve in relation to queries and understanding the query language provided to extract usable data."
"There are some components on the cloud that should also reside in the on-prem deployment models but don't."
"I also expected Active Response 's user interface to be much more analytical."
"While the product is good, we are currently facing support issues."
Earn 20 points
Elastic Security is ranked 16th in Endpoint Detection and Response (EDR) with 59 reviews while Trellix Active Response is ranked 58th in Endpoint Detection and Response (EDR). Elastic Security is rated 7.6, while Trellix Active Response is rated 6.4. The top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". On the other hand, the top reviewer of Trellix Active Response writes "Lighter with good stability and pretty good technical support". Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Sentinel, IBM Security QRadar and Microsoft Defender for Endpoint, whereas Trellix Active Response is most compared with Trellix Endpoint Security (ENS) and Trellix Endpoint Detection and Response (EDR). See our Elastic Security vs. Trellix Active Response report.
See our list of best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.